You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 4-6.RSVP
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

skip-local-postinstall

Package Overview
Dependencies
Maintainers
1
Versions
11
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

skip-local-postinstall

Skip postinstall on local npm installs.

2.0.4
latest
Source
npmnpm
Version published
Weekly downloads
1.6K
45.92%
Maintainers
1
Weekly downloads
 
Created
Source

skip-local-postinstall

Skips (successfully exits current process) when postinstall is called locally instead of being called when the package has been published to npm.

// package.json
"scripts": {
  "postinstall": "node ./installation.js"
}

// installation.js
import { skip } from 'skip-local-postinstall'

skip()

// This code will only be executed when installed through npm.
console.log('Installing from npm.')

Requires process.env.INIT_CWD variable available in all stable npm releases. Credits to Már Örlygsson for suggesting this implementaiton on Stackoverflow.

Compiled Postinstall File

In cases where you want to run a postinstall script for compiled files (i.e. source in TypeScript) the file will not be there when installing the package locally. To address that this plugin also includes a bin script. It's arguments will be passed directly to the node command and can include additional arguments apart from the file to run.

// package.json
"scripts": {
  "postinstall": "skip-local-postinstall ./dist/installation.js"
}

Alternative

It's also possible to encapsulate som of the desired functionality in a one-line script. However, this only works when the script is the result of a build process and the build is removed before installation.

// package.json
"scripts": {
  "postinstall": "node -e \"try{import('./dist/postinstall.js')}catch(e){}\""
}

When using a CommonJS package without { type: "module" } in package.json a require call can be used.

"node -e \"try{require('./dist/postinstall.js')}catch(e){}\""

Keywords

skip
local
postinstall
plugin

FAQs

Package last updated on 12 Nov 2022

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Introducing Scala and Kotlin Support in Socket

Product

Introducing Scala and Kotlin Support in Socket

Socket now supports Scala and Kotlin, bringing AI-powered threat detection to JVM projects with easy manifest generation and fast, accurate scans.

By Peter van der Zee, Eli Insua  -  Jul 28, 2025
AI + a16z Podcast: Vibe Coding, Security Risks, and the Path to Progress

Application Security

/

Security News

AI + a16z Podcast: Vibe Coding, Security Risks, and the Path to Progress

Socket CEO Feross Aboukhadijeh and a16z partner Joel de la Garza discuss vibe coding, AI-driven software development, and how the rise of LLMs, despite their risks, still points toward a more secure and innovative future.

By Sarah Gooding  -  Jul 25, 2025